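/// <summary>
/// Sample: creates, fetches and then deletes a role assignment at global scope with the async client.
/// </summary>
/// <remarks>
/// By the snippet convention used in this file, lines prefixed with <c>//@@</c> are the placeholder
/// form shown in the published snippet, and the <c>/*@@*/</c> line is what the test executes.
/// </remarks>
public async Task CreateRoleAssignmentAsync()
{
    // Replace client with the Instrumented Client.
    client = Client;

    List<KeyVaultRoleDefinition> definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id.
    _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    // The placeholder lines name the same types as the executed line (KeyVaultRoleScope), so the
    // published snippet matches the API that is actually tested.
    // KeyVaultRoleScope.Global is the broadest scope used in these samples; grant at a narrower
    // scope when the principal does not need the role everywhere.
    #region Snippet:CreateRoleAssignmentAsync
    //@@string definitionIdToAssign = "<roleDefinitionId>";
    //@@string servicePrincipalObjectId = "<objectId>";

    //@@KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId);
    /*@@*/ KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId).ConfigureAwait(false);
    #endregion

    #region Snippet:GetRoleAssignmentAsync
    KeyVaultRoleAssignment fetchedAssignment = await client.GetRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    #region Snippet:DeleteRoleAssignmentAsync
    KeyVaultRoleAssignment deletedAssignment = await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion
}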
/// <summary>
/// Sample: creates, fetches and then deletes a role assignment at global scope with the synchronous client.
/// </summary>
/// <remarks>
/// The <c>#if SNIPPET</c> branch is the placeholder form of the sample; the <c>#else</c> branch is
/// what the test executes, using a recorded GUID as the assignment name.
/// </remarks>
public void CreateRoleAssignment()
{
    // Replace client with the Instrumented Client.
    client = Client;

    // Exact-name match: only the role definition called RoleName is selected for assignment.
    List<KeyVaultRoleDefinition> roleDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global).ToList();
    _roleDefinitionId = roleDefinitions.First(definition => definition.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitions.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    // KeyVaultRoleScope.Global is the broadest scope used in these samples; grant at a narrower
    // scope when the principal does not need the role everywhere.
    #region Snippet:CreateRoleAssignment
#if SNIPPET
    string definitionIdToAssign = "<roleDefinitionId>";
    string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId);
#else
    Guid roleAssignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName);
#endif
    #endregion

    #region Snippet:GetRoleAssignment
    KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    #region Snippet:DeleteRoleAssignment
    client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion
}
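/// <summary>
/// Sample: creates, fetches and then deletes a role assignment at global scope with the synchronous
/// client, passing the role definition and principal as a <c>KeyVaultRoleAssignmentProperties</c>.
/// </summary>
/// <remarks>
/// By the snippet convention used in this file, lines prefixed with <c>//@@</c> are the placeholder
/// form shown in the published snippet, and the <c>/*@@*/</c> line is what the test executes.
/// </remarks>
public void CreateRoleAssignment()
{
    // Replace client with the Instrumented Client.
    client = Client;

    List<KeyVaultRoleDefinition> definitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global).ToList();

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id.
    _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitions.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    // The placeholder lines name the same types as the executed line (KeyVaultRoleAssignment,
    // KeyVaultRoleScope), so the published snippet matches the API that is actually tested.
    #region Snippet:CreateRoleAssignment
    //@@string definitionIdToAssign = "<roleDefinitionId>";
    //@@string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignmentProperties properties = new KeyVaultRoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
    //@@KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, properties);
    /*@@*/ KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, properties, _roleAssignmentId);
    #endregion

    #region Snippet:GetRoleAssignment
    KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    #region Snippet:DeleteRoleAssignment
    KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion
}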
/// <summary>
/// Copies the identifying fields of a role assignment into this object and records the HSM name
/// supplied by the caller.
/// </summary>
/// <param name="roleAssignment">The role assignment whose fields are copied.</param>
/// <param name="hsmName">Stored as-is in <c>HsmName</c>.</param>
public PSKeyVaultRoleAssignment(KeyVaultRoleAssignment roleAssignment, string hsmName)
{
    // Top-level identity of the assignment.
    Id = roleAssignment.Id;
    Name = roleAssignment.Name;
    Type = roleAssignment.Type;

    // Who was granted what, and where. Scope may be absent, in which case it stays null.
    var assignmentProperties = roleAssignment.Properties;
    Scope = assignmentProperties.Scope?.ToString();
    RoleDefinitionId = assignmentProperties.RoleDefinitionId;
    PrincipalId = assignmentProperties.PrincipalId;

    HsmName = hsmName;
}
/// <summary>
/// Creates a role assignment at global scope under a recorded GUID name and deletes it again by name.
/// </summary>
public async Task DeleteRoleAssignment()
{
    List<KeyVaultRoleDefinition> roleDefinitions = await Client
        .GetRoleDefinitionsAsync(KeyVaultRoleScope.Global)
        .ToEnumerableAsync()
        .ConfigureAwait(false);

    // NOTE(review): this is a substring match, so the first definition whose name merely contains
    // RoleName is the one that gets assigned; confirm RoleName cannot match a different role.
    KeyVaultRoleDefinition targetDefinition = roleDefinitions.First(definition => definition.RoleName.Contains(RoleName));

    Guid assignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment created = await Client
        .CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, targetDefinition.Id, TestEnvironment.ClientObjectId, assignmentName)
        .ConfigureAwait(false);

    // NOTE(review): the assignment is not registered for cleanup, so it is removed only if this
    // delete call succeeds.
    await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, created.Name).ConfigureAwait(false);
}
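/// <summary>
/// Sample: creates one role assignment scoped to all keys and one scoped to a single key.
/// </summary>
/// <remarks>
/// The <c>#if SNIPPET</c> branches are the placeholder form of the sample; the <c>#else</c> branches
/// are what the test executes. Both created assignments are registered for cleanup.
/// </remarks>
public async Task CreateRoleAssignmentAsync()
{
    // Replace client with the Instrumented Client.
    client = Client;

    List<KeyVaultRoleDefinition> definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);
    _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    // Both branches use KeyVaultRoleScope.Keys: this snippet documents a keys-scoped grant, so the
    // placeholder form must not show the broader Global scope while the tested code uses Keys.
    #region Snippet:CreateRoleAssignmentKeysScope
#if SNIPPET
    string definitionIdToAssign = "<roleDefinitionId>";
    string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, definitionIdToAssign, servicePrincipalObjectId);
#else
    Guid roleAssignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName).ConfigureAwait(false);
#endif
    #endregion

    RegisterForCleanup(keysScopedAssignment);

    // Make sure we have a key to secure.
    KeyClient keyClient = KeyClient;
    KeyVaultKey createdKey = await keyClient.CreateKeyAsync(Recording.GenerateId(), KeyType.Oct);
    string keyName = createdKey.Name;

    RegisterKeyForCleanup(keyName);

    // Narrowest grant in this sample: the scope is built from the id of one specific key.
    #region Snippet:CreateRoleAssignmentKeyScope
#if SNIPPET
    string keyName = "<your-key-name>";
#endif
    KeyVaultKey key = await keyClient.GetKeyAsync(keyName);

#if SNIPPET
    KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId);
#else
    KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName).ConfigureAwait(false);
#endif
    #endregion

    RegisterForCleanup(keyScopedAssignment);
}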
/// <summary>
/// Sample: requests a role assignment by the name "example-name" and prints the
/// <c>RequestFailedException</c> if the call fails.
/// </summary>
public void RoleAssignmentNotFound()
{
    client = Client;

    #region Snippet:RoleAssignmentNotFound
    try
    {
        KeyVaultRoleAssignment roleAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, "example-name");
    }
    catch (RequestFailedException requestFailure)
    {
        // Prints the full exception text for the sample's reader; real code would normally log
        // only the fields it needs rather than the whole exception string.
        Console.WriteLine(requestFailure.ToString());
    }
    #endregion
}
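/// <summary>
/// Creates a role assignment at global scope for the test identity and checks that the returned
/// assignment carries the expected principal and role definition.
/// </summary>
public async Task CreateRoleAssignment()
{
    List<KeyVaultRoleDefinition> definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id below.
    // NOTE(review): this is a substring match, so the first definition whose name merely contains
    // RoleName is the one that gets assigned; confirm RoleName cannot match a different role.
    var definitionToAssign = definitions.First(d => d.RoleName.Contains(RoleName));

    KeyVaultRoleAssignment result = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionToAssign.Id, TestEnvironment.ClientObjectId, _roleAssignmentId).ConfigureAwait(false);

    // Register before asserting so the grant is removed even when an assertion fails.
    RegisterForCleanup(result);

    Assert.That(result.Id, Is.Not.Null);
    Assert.That(result.Name, Is.Not.Null);
    Assert.That(result.Type, Is.Not.Null);
    Assert.That(result.Properties.PrincipalId, Is.EqualTo(TestEnvironment.ClientObjectId));
    Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(definitionToAssign.Id));
}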
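/// <summary>
/// Creates a role assignment at global scope, deletes it by name, and checks that the assignment
/// returned by the delete call matches the one that was created.
/// </summary>
public async Task DeleteRoleAssignment()
{
    List<KeyVaultRoleDefinition> definitions = await Client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id below.
    // NOTE(review): this is a substring match, so the first definition whose name merely contains
    // RoleName is the one that gets assigned; confirm RoleName cannot match a different role.
    var definitionToAssign = definitions.First(d => d.RoleName.Contains(RoleName));

    var properties = new KeyVaultRoleAssignmentProperties(definitionToAssign.Id, TestEnvironment.ClientObjectId);

    KeyVaultRoleAssignment assignment = await Client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, properties, _roleAssignmentId).ConfigureAwait(false);

    // NOTE(review): the assignment is not registered for cleanup, so it is removed only if this
    // delete call succeeds.
    KeyVaultRoleAssignment result = await Client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, assignment.Name).ConfigureAwait(false);

    Assert.That(result.Id, Is.EqualTo(assignment.Id));
    Assert.That(result.Name, Is.EqualTo(assignment.Name));
    Assert.That(result.Type, Is.EqualTo(assignment.Type));
    Assert.That(result.Properties.PrincipalId, Is.EqualTo(assignment.Properties.PrincipalId));
    Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(assignment.Properties.RoleDefinitionId));
    Assert.That(result.Properties.Scope, Is.EqualTo(assignment.Properties.Scope));
}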
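/// <summary>
/// README sample: creates a role assignment at global scope, fetches it, deletes it, and prints the
/// name, principal id and role definition id returned by each call.
/// </summary>
/// <remarks>
/// The <c>#if SNIPPET</c> branch is the placeholder form of the sample; the <c>#else</c> branch is
/// what the test executes.
/// </remarks>
public void CreateRoleAssignment()
{
    client = Client;

    Pageable<KeyVaultRoleDefinition> allDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global);

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id.
    _roleDefinitionId = allDefinitions.First(d => d.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from the List the role definitions section above
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id from the Create/Get credentials section above
    string servicePrincipalObjectId = _objectId;

    // The placeholder branch uses the same types and arguments as the executed branch (minus the
    // explicit assignment name); it does not refer to any variable the snippet does not declare.
    #region Snippet:ReadmeCreateRoleAssignment
#if SNIPPET
    // Replace <roleDefinitionId> with a role definition Id from the definitions returned from the List the role definitions section above
    string definitionIdToAssign = "<roleDefinitionId>";

    // Replace <objectId> with the service principal object id from the Create/Get credentials section above
    string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId);
#else
    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, _roleAssignmentId);
#endif

    Console.WriteLine(createdAssignment.Name);
    Console.WriteLine(createdAssignment.Properties.PrincipalId);
    Console.WriteLine(createdAssignment.Properties.RoleDefinitionId);

    KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);

    Console.WriteLine(fetchedAssignment.Name);
    Console.WriteLine(fetchedAssignment.Properties.PrincipalId);
    Console.WriteLine(fetchedAssignment.Properties.RoleDefinitionId);

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    KeyVaultRoleAssignment deletedAssignment = client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);

    Console.WriteLine(deletedAssignment.Name);
    Console.WriteLine(deletedAssignment.Properties.PrincipalId);
    Console.WriteLine(deletedAssignment.Properties.RoleDefinitionId);

    #endregion
}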
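/// <summary>
/// Sample: creates one role assignment scoped to all keys and one scoped to a single existing key,
/// passing the role definition and principal as a <c>KeyVaultRoleAssignmentProperties</c>.
/// </summary>
/// <remarks>
/// By the snippet convention used in this file, lines prefixed with <c>//@@</c> are the placeholder
/// form shown in the published snippet, and the <c>/*@@*/</c> lines are what the test executes.
/// Both created assignments are registered for cleanup.
/// </remarks>
public async Task CreateRoleAssignmentAsync()
{
    // Replace client with the Instrumented Client.
    client = Client;

    List<KeyVaultRoleDefinition> definitions = await client.GetRoleDefinitionsAsync(KeyVaultRoleScope.Global).ToEnumerableAsync().ConfigureAwait(false);

    // First() rather than FirstOrDefault(): a missing role definition fails here with
    // "sequence contains no matching element" instead of a NullReferenceException on .Id.
    _roleDefinitionId = definitions.First(d => d.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    // The placeholder line uses KeyVaultRoleScope.Keys like the executed line: this snippet
    // documents a keys-scoped grant, so it must not show the broader Global scope.
    #region Snippet:CreateRoleAssignmentKeysScope
    //@@string definitionIdToAssign = "<roleDefinitionId>";
    //@@string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignmentProperties properties = new KeyVaultRoleAssignmentProperties(definitionIdToAssign, servicePrincipalObjectId);
    //@@KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, properties);
    /*@@*/ KeyVaultRoleAssignment keysScopedAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Keys, properties, _roleAssignmentId).ConfigureAwait(false);
    #endregion

    RegisterForCleanup(keysScopedAssignment);

    // The test secures whichever key is listed first; First() throws if no key exists.
    KeyClient keyClient = KeyClient;
    List<KeyProperties> keyProperties = await keyClient.GetPropertiesOfKeysAsync().ToEnumerableAsync().ConfigureAwait(false);
    string keyName = keyProperties.First().Name;

    // Narrowest grant in this sample: the scope is built from the id of one specific key.
    #region Snippet:CreateRoleAssignmentKeyScope
    //@@string keyName = "<your-key-name>";
    KeyVaultKey key = await keyClient.GetKeyAsync(keyName);

    //@@KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), properties);
    /*@@*/ KeyVaultRoleAssignment keyScopedAssignment = await client.CreateRoleAssignmentAsync(new KeyVaultRoleScope(key.Id), properties, _roleAssignmentId).ConfigureAwait(false);
    #endregion

    RegisterForCleanup(keyScopedAssignment);
}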
/// <summary>
/// Creates a role assignment at global scope, fetches it back by name, and checks that the fetched
/// assignment matches the created one field by field.
/// </summary>
public async Task GetRoleAssignment()
{
    List<KeyVaultRoleDefinition> roleDefinitions = await Client
        .GetRoleDefinitionsAsync(KeyVaultRoleScope.Global)
        .ToEnumerableAsync()
        .ConfigureAwait(false);

    // NOTE(review): this is a substring match, so the first definition whose name merely contains
    // RoleName is the one that gets assigned; confirm RoleName cannot match a different role.
    KeyVaultRoleDefinition targetDefinition = roleDefinitions.First(definition => definition.RoleName.Contains(RoleName));

    Guid assignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment assignment = await Client
        .CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, targetDefinition.Id, TestEnvironment.ClientObjectId, assignmentName)
        .ConfigureAwait(false);

    // Register before asserting so the grant is removed even when an assertion fails.
    RegisterForCleanup(assignment);

    KeyVaultRoleAssignment result = await Client
        .GetRoleAssignmentAsync(KeyVaultRoleScope.Global, assignment.Name)
        .ConfigureAwait(false);

    // Identity of the assignment.
    Assert.That(result.Id, Is.EqualTo(assignment.Id));
    Assert.That(result.Name, Is.EqualTo(assignment.Name));
    Assert.That(result.Type, Is.EqualTo(assignment.Type));

    // Principal, role and scope of the grant.
    Assert.That(result.Properties.PrincipalId, Is.EqualTo(assignment.Properties.PrincipalId));
    Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(assignment.Properties.RoleDefinitionId));
    Assert.That(result.Properties.Scope, Is.EqualTo(assignment.Properties.Scope));
}
/// <summary>
/// Creates an oct key, assigns the role under test at the scope of that single key, and checks that
/// the returned assignment carries the expected principal and role definition.
/// </summary>
public async Task CreateKeyRoleAssignment()
{
    List<KeyVaultRoleDefinition> roleDefinitions = await Client
        .GetRoleDefinitionsAsync(KeyVaultRoleScope.Global)
        .ToEnumerableAsync()
        .ConfigureAwait(false);

    // NOTE(review): this is a substring match, so the first definition whose name merely contains
    // RoleName is the one that gets assigned; confirm RoleName cannot match a different role.
    KeyVaultRoleDefinition targetDefinition = roleDefinitions.First(definition => definition.RoleName.Contains(RoleName));

    string keyName = Recording.GenerateId();
    KeyVaultKey key = await KeyClient.CreateOctKeyAsync(new(keyName));

    // The scope is built from the key's id, so the grant applies to this key only.
    Guid assignmentName = Recording.Random.NewGuid();
    var keyScope = new KeyVaultRoleScope(key.Id);
    KeyVaultRoleAssignment result = await Client
        .CreateRoleAssignmentAsync(keyScope, targetDefinition.Id, TestEnvironment.ClientObjectId, assignmentName)
        .ConfigureAwait(false);

    // Register before asserting so the grant is removed even when an assertion fails.
    RegisterForCleanup(result);

    Assert.That(result.Id, Is.Not.Null);
    Assert.That(result.Name, Is.Not.Null);
    Assert.That(result.Type, Is.Not.Null);
    Assert.That(result.Properties.PrincipalId, Is.EqualTo(TestEnvironment.ClientObjectId));
    Assert.That(result.Properties.RoleDefinitionId, Is.EqualTo(targetDefinition.Id));
}
/// <summary>
/// README sample: creates a role assignment at global scope, prints it, fetches it by name, prints
/// the fetched copy, and deletes the assignment.
/// </summary>
/// <remarks>
/// The <c>#if SNIPPET</c> branch is the placeholder form of the sample; the <c>#else</c> branch is
/// what the test executes, using a recorded GUID as the assignment name.
/// </remarks>
public void CreateRoleAssignment()
{
    client = Client;

    // Exact-name match: only the role definition called RoleName is selected for assignment.
    Pageable<KeyVaultRoleDefinition> allDefinitions = client.GetRoleDefinitions(KeyVaultRoleScope.Global);
    _roleDefinitionId = allDefinitions.First(definition => definition.RoleName == RoleName).Id;

    // Replace roleDefinitionId with a role definition Id from the definitions returned from the List the role definitions section above
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id from the Create/Get credentials section above
    string servicePrincipalObjectId = _objectId;

#if SNIPPET
    // Replace <roleDefinitionId> with a role definition Id from the definitions returned from the List the role definitions section above
    string definitionIdToAssign = "<roleDefinitionId>";

    // Replace <objectId> with the service principal object id from the Create/Get credentials section above
    string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId);
#else
    // The GUID is passed as the name of the new role assignment.
    Guid roleAssignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment createdAssignment = client.CreateRoleAssignment(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName);
#endif

    Console.WriteLine(createdAssignment.Name);
    Console.WriteLine(createdAssignment.Properties.PrincipalId);
    Console.WriteLine(createdAssignment.Properties.RoleDefinitionId);

    KeyVaultRoleAssignment fetchedAssignment = client.GetRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);

    Console.WriteLine(fetchedAssignment.Name);
    Console.WriteLine(fetchedAssignment.Properties.PrincipalId);
    Console.WriteLine(fetchedAssignment.Properties.RoleDefinitionId);

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    client.DeleteRoleAssignment(KeyVaultRoleScope.Global, createdAssignment.Name);
}
/// <summary>
/// Sample: creates, fetches and then deletes a role assignment at global scope with the async client.
/// </summary>
/// <remarks>
/// The <c>#if SNIPPET</c> branch is the placeholder form of the sample; the <c>#else</c> branch is
/// what the test executes, using a recorded GUID as the assignment name.
/// </remarks>
public async Task CreateRoleAssignmentAsync()
{
    // Replace client with the Instrumented Client.
    client = Client;

    // Exact-name match: only the role definition called RoleName is selected for assignment.
    List<KeyVaultRoleDefinition> roleDefinitions = await client
        .GetRoleDefinitionsAsync(KeyVaultRoleScope.Global)
        .ToEnumerableAsync()
        .ConfigureAwait(false);
    _roleDefinitionId = roleDefinitions.First(definition => definition.RoleName == RoleName).Id;

    // KeyVaultRoleScope.Global is the broadest scope used in these samples; grant at a narrower
    // scope when the principal does not need the role everywhere.
    #region Snippet:CreateRoleAssignmentAsync
#if SNIPPET
    string definitionIdToAssign = "<roleDefinitionId>";
    string servicePrincipalObjectId = "<objectId>";

    KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId);
#else
    // Replace roleDefinitionId with a role definition Id from the definitions returned from GetRoleDefinitionsAsync.
    string definitionIdToAssign = _roleDefinitionId;

    // Replace objectId with the service principal object id.
    string servicePrincipalObjectId = _objectId;

    Guid roleAssignmentName = Recording.Random.NewGuid();
    KeyVaultRoleAssignment createdAssignment = await client.CreateRoleAssignmentAsync(KeyVaultRoleScope.Global, definitionIdToAssign, servicePrincipalObjectId, roleAssignmentName).ConfigureAwait(false);
#endif
    #endregion

    #region Snippet:GetRoleAssignmentAsync
    KeyVaultRoleAssignment fetchedAssignment = await client.GetRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion

    // Deleting the assignment at the end keeps the grant from outliving the sample run.
    #region Snippet:DeleteRoleAssignmentAsync
    await client.DeleteRoleAssignmentAsync(KeyVaultRoleScope.Global, createdAssignment.Name);
    #endregion
}